Sage Pay - Developers

Home
Sage Pay Go
Bolt-ons
Tailored Solutions
Integrating Sage Pay
Existing Sage customers
Merchant services
Support centre & FAQs
Forum

Direct Refunds and the Merchant Banks (specifically concerning the online gambling industry)

The important thing to note with Direct Refunds is that the bank are not familiar with this term, they use the following terminology:

Original Credit Transaction (OCT) for Visa – Sage Pay is fully integrated with this scheme.
Payment of Winnings (PoW) for Mastercard –Sage Pay is not yet integrated for this scheme and testing has not yet begun between Sage Pay and the merchant acquirers.

Barclays Merchant Services:

BMS are able to process Direct Refund transactions.

These would be in the format of Visa transactions being returned to the cardholder as an Original Credit Transaction (OCT).

UK Maestro: Winnings must be transferred to the card the original transaction was made with.
MasterCard: Winnings must be transferred via BACS or other method. Direct Refund is not permitted for MasterCard transactions.

NatWest Streamline:

Sage Pay is not integrated with Streamline for Direct Refunds.However, Streamline is partaking in the PoW scheme (see notes below), and therefore this could potentially be something that Sage Pay is able to offer at a later date once the pilot scheme has been completed. More details will be provided when they are available.

Lloyds TSB & Bank of Scotland:

LTSB and BOS are able to support Direct Refund transactions.
Visa: In the form of OCT
MasterCard: Piloting a scheme known as Payment of Winnings (PoW).

HSBC:

Sage Pay is not set up to process Direct Refund transactions with HSBC at this time. Currently there is no time scale for any future integration.

Notes on the previous information:

Original Credit Transaction requires an OCT M/N from their merchant bank.

PoW stands for Payment of Winnings, and is a scheme being piloted by the merchant banks and Mastercard. It will require integration with the banks on our behalf, testing and etc. Live Service will be notifying Customer Service if and when testing with the banks begins.

There are limits posed on PoW transactions, these include, but are not limited to: A maximum value of 5,000 Euros, vendor & PSP must be audited under the 'Cardnet gaming audit', Cards and I.P. addresses from the following countries must be blocked, and proof of these being blocked must be supplied once a month in the form of a report to the banks:

U.S.A.
Australia
China

In Summary:

	Visa (OCT)	Mastercard (PoW)
Barclays Merchant Services
Streamline
Lloyds TSB Cardnet
Bank of Scotland
HSBC

How to process a Direct Refund transaction:

If you wish to REFUND transactions, they must have been taken via the Sage Pay systems in the first place, however in some circumstances this is not the case as the vendor may have taken the original payment via a PDQ machine or using a different payment processor. DIRECTREFUND is like a MANUAL payment but credits the supplied card instead of debiting it. This part of the protocol is never enabled by default because of the associated risks of fraud.

A Direct Refund is performed via a HTTPS POST sent to the Direct Refund service directrefund.vsp. The details should be URL encoded Name=Value fields separated by ‘&’ characters.

Request format (continued overleaf)

VPSProtocol	Alphanumeric. Fixed 4 characters.	“2.23” in this release	Default or incorrect value is taken to be 2.23
TxType	Alphanumeric Max 15 characters.	“DIRECTREFUND”	Should be in capital letters.
Vendor	Alphanumeric Max 15 characters.	Vendor Login Name	Used to authenticate your site. This should contain the Vendor Name supplied by Sage Pay when your account was created.
VendorTxCode	Alphanumeric Max 40 characters	Vendor Transaction Code	This should be your own reference code to the transaction. Your servers should provide a completely unique VendorTxCode for each transaction.
Amount	Numeric. 1.00 to 100,000.00	Amount for the Transaction containing minor digits formatted to 2 decimal places where appropriate.	Must be positive and numeric, and may include a decimal place where appropriate. Minor digits should be formatted to two decimal places. e.g. 5.10, or 3.29. Values such as 3.235 and 2.3 will be rejected.
Currency	Alphanumeric 3 characters	Three-letter currency code to ISO 4217 Examples: “GBP”, “EUR” and “USD”	The currency must be supported by one of your merchant accounts or the transaction will be rejected.
Description	Alphanumeric Max 100 characters	Free text description of the reason for the refund.	The description of good purchased is displayed in My Sage Pay for your future reference.
CardHolder	Alphanumeric Max 50 characters	The card holder’s name	This should be the name displayed on the card.
CardNumber	Alphanumeric Max 20 characters	The credit or debit card number with no spaces.	The full card number is required.
Optional: StartDate	Numeric 4 characters	The Start date (required for some Maestro, Solo and Amex) in MMYY format	The start date MUST be in MMYY format i.e. 0699 for June 1999. No / or – characters should be included.
ExpiryDate	Numeric 4 characters	The Expiry date (required for ALL cards) in MMYY format	The expiry date MUST be in MMYY format i.e. 1206 for December 2006. No / or – characters should be included.
Optional: IssueNumber	Numeric Max 2 characters	The card Issue Number (some Maestro and Solo cards only)	The issue number MUST be entered EXACTLY as it appears on the card. e.g. some cards have issue number “4” others have “04”.
CardType	Alphanumeric Max 15 characters	“VISA”, ”MC”, ”DELTA”, “SOLO”, “MAESTRO”, “UKE”, “AMEX”, “DC” or “JCB” NB: “SWITCH” is still accepted by you should use “MAESTRO”	MC is MasterCard, UKE is Visa Electron. AMEX and DC (DINERS) can only be accepted if you have additional merchant accounts with those acquirers.
Optional: AccountType	Alphanumeric 1 character	E = Use the e-commerce merchant account. (default) C = Use the continuous authority merchant account (if present). M = Use the mail order, telephone order account (if present).	This optional flag is used to tell the Sage Pay System which merchant account to use for this transaction in situations where more than one type of merchant account is set up for your Sage Pay vendor account. If omitted, the system will use E, then M then C by default.

Direct Refund results
This is the response part of the Refund POST originated by the request shown above. Encoding is as Name=Value fields separated by carriage-return-linefeeds (CRLF).

Response format:

Name	Format	Values	Comments
VPSProtocol	Alphanumeric. Fixed 4 characters.	Version number of the protocol of the system. This release will return “2.23”	This will match the protocol version supplied in A13.
Status	Alphanumeric Max 15 characters.	“OK” – The refund was accepted by Sage Pay and funds will be returned to the customer. “NOTAUTHED” – The refund was not accepted by Sage Pay. No funds will be returned to the card “MALFORMED” – Input message was missing fields or badly formatted – normally will only occur during development and vendor integration. “INVALID” – Transaction was not registered because although the POST format was valid, some information supplied was invalid. E.g. incorrect vendor name or currency. “ERROR” – Only returned if there is a problem at Sage Pay.	If the status is not OK, the StatusDetail field will give more information about the problem. Please notify Sage Pay if a Status report of ERROR is seen, together with your VendorTxCode and the StatusDetail text.
StatusDetail	Alphanumeric Max 255 characters	Human-readable text providing extra detail for the Status message.	Always check StatusDetail is the Status is not OK
VPSTxId	Alphanumeric 38 characters	Sage Pay ID to uniquely identify the Transaction on our system.	Only present if Status is OK.
TxAuthNo	Numeric Long integer	The Sage Pay authorisation code (also called VPSAuthCode) for this transaction.	Only present if Status is OK.